daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

reverting the change

patch-1
bauthard 2020-11-27 01:19:35 +05:30 committed by GitHub
parent 478884cc45
commit 519ddb4ce5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cves/CVE-2019-12725.yaml
View File

@ -9,8 +9,9 @@ info:
found in ZeroShell 3.9.0 in the "/cgi-bin/kerbynet" url.
As sudo is configured to execute /bin/tar without a password (NOPASSWD)
it is possible to run root commands using the "checkpoint" tar options.
references: https://www.tarlogic.com/advisories/zeroshell-rce-root.txt
# https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2019-12725/ZeroShell-RCE-EoP.py
references:
- https://www.tarlogic.com/advisories/zeroshell-rce-root.txt
- https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2019-12725/ZeroShell-RCE-EoP.py
requests:
- method: GET